Malpedia Library

2022-09-23 ⋅ Kaspersky ⋅ Artem Ushkov, Roman Dedenok
Mass email campaign with a pinch of targeted spam
Agent Tesla

2022-09-15 ⋅ Kaspersky ⋅ Oleg Kupreev
Self-spreading stealer attacks gamers via YouTube
RedLine Stealer

2022-08-25 ⋅ Kaspersky ⋅ Seongsu Park
Kimsuky’s GoldDragon cluster and its C2 operations

2022-08-16 ⋅ Kaspersky ⋅ Igor Kuznetsov, Leonid Bezvershenko
Two more malicious Python packages in the PyPI
W4SP Stealer

2022-08-16 ⋅ Kaspersky ⋅ Kaspersky
Threat in your browser: what dangers innocent-looking extensions hold for users
DealPly

2022-08-10 ⋅ Kaspersky ⋅ Giampaolo Dedola, Pierre Delcher
VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges

2022-08-09 ⋅ Kaspersky ⋅ Kurt Baumgartner, Seongsu Park
Andariel deploys DTrack and Maui ransomware
Dtrack Maui Ransomware

2022-08-08 ⋅ Kaspersky ⋅ Kaspersky Lab ICS CERT
Targeted attack on industrial enterprises and public institutions
Cotx RAT Logtu nccTrojan PortDoor

2022-08-03 ⋅ Kaspersky Labs ⋅ Alexander Gutnikov, Oleg Kupreev, Yaroslav Shmelev
DDoS attacks in Q2 2022
Altahrea Team

2022-07-28 ⋅ Kaspersky Labs ⋅ GReAT
APT trends report Q2 2022
Karkadann

2022-07-28 ⋅ Kaspersky Labs ⋅ Igor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data
Lofy

2022-07-28 ⋅ Kaspersky ⋅ Igor Kuznetsov, Leonid Bezvershenko
LofyLife: malicious npm packages steal Discord tokens and bank card data

2022-07-25 ⋅ Kaspersky ⋅ GReAT
CosmicStrand: the discovery of a sophisticated UEFI firmware rootkit

2022-07-20 ⋅ Kaspersky ⋅ Dmitry Galov, Jornt van der Wiel, Marc Rivero López, Sergey Lozhkin
Luna and Black Basta — new ransomware for Windows, Linux and ESXi
Black Basta Conti

2022-06-30 ⋅ Kaspersky ⋅ Pierre Delcher
The SessionManager IIS backdoor: a possibly overlooked GELSEMIUM artefact
MimiKatz Owlproxy SessionManager

2022-06-27 ⋅ Kaspersky ICS CERT ⋅ Artem Snegirev, Kirill Kruglov
Attacks on industrial control systems using ShadowPad
Cobalt Strike PlugX ShadowPad

2022-06-23 ⋅ Kaspersky ⋅ Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs
Conti Hive BlackByte BlackCat Clop LockBit Mespinoza Ragnarok

2022-06-23 ⋅ Kaspersky ⋅ Danila Nasonov, Natalya Shornikova, Nikita Nazarov, Vasily Davydov, Vladislav Burtsev
The hateful eight: Kaspersky’s guide to modern ransomware groups’ TTPs (Download Form)
BlackByte BlackCat Clop Conti Hive LockBit Mespinoza RagnarLocker

2022-06-21 ⋅ Kaspersky ⋅ Giampaolo Dedola
APT ToddyCat: Unveiling an unknown APT actor attacking high-profile entities in Europe and Asia
ToddyCat